Connect with us

News

COVID-19: Sophos shares five tips on how remote workers can stay cybersecured

Published

on

BY: Sandra Ani

Following the Federal and State Governments directives that businesses in Nigeria should adopt measures to curtail the spread of Coronavirus many if not most organisations have already crossed the “working from home”, or at least the “working while on the road” bridge.

Therefore, the global concerns over the current coronavirus (Covid-19) outbreak, and the need to keep at-risk staff away from the office, means that lots of companies may soon and suddenly end up with lots more staff working from home

A global cybersecurity Company has also suggested that it is vital not to let the precautions intended to protect the physical health of a company staff turn into a threat to their cybersecurity health at the same time.

“Importantly, if you have a colleague who needs to work from home specifically to stay away from the office then you can no longer use the tried-and-tested approach of getting them to come in once to collect their new laptop and phone, and to receive the on-site training that you hope will make them a safer teleworker”, Principal Research Scientist Sophos, Paul Ducklin, said while stressing that organisations  are now in need to set remote users up from scratch, entirely remotely, something some have not done a lot of in the past.

Ducklin went ahead to list five tips for working from home safely:

1. Make sure it’s easy for your users to get started:

“Look for security products that offer what’s called an SSP, short for Self-Service Portal. What you are looking for is a service to which a remote user can connect, perhaps with a brand new laptop they ordered themselves, and set it up safely and easily without needing to hand it over to the IT department first.

“Many SSPs also allow the user to choose between different levels of access, so they can safely connect up either a personal device (albeit with less access to fewer company systems than they’d get with a dedicated device), or a device that will be used only for company work.

“The three key things you want to be able to set up easily and correctly are: encryption, protection and patching.

“Encryption means making sure that full-device encryption is turned on and activated, which protects any data on the device if it gets stolen; protection means that you start off with known security software, such as anti-virus, configured in the way you want; and patching means making sure that the user gets as many security updates as possible automatically, so they don’t get forgotten.

“Remember that if you do suffer a data breach, such as a lost laptop, you may well need to disclose the fact to the data protection regulator in your country.

“If you want to be able to claim that you took the right precautions, and thus that the breach can be disregarded, you’ll need to produce evidence – the regulator won’t just take your word for it!

2. Make sure your users can do what they need

“If users genuinely can’t do their job without access to server X or to system Y, then there’s no point in sending them off to work from home without access to X and Y.

“Make sure you have got your chosen remote access solution working reliably first – force it on yourself! – before expecting your users to adopt it.

“If there are any differences between what they might be used to and what they are going to get, explain the difference clearly – for example, if the emails they receive on their phone will be stripped of attachments, don’t leave them to find that out on their own.

“They’ll not only be annoyed, but will probably also try to make up their own tricks for bypassing the problem, such as asking colleagues to upload the files to private accounts instead.

“If you’re the user, try to be understanding if there are things you used to be able do in the office that you have to manage without at home.

3. Make sure you can see what your users are doing

“Don’t just leave your users to their own devices (literally or figuratively). If you’ve set up automatic updating for them, make sure you also have a way to check that it’s working, and be prepared to spend time online helping them fix things if they go wrong.

“If their security software produces warnings that you know they will have seen, make sure you review those warnings too, and let your users know what they mean and what you expect them to do about any issues that may arise.

“Don’t patronise your users, because no one likes that; but don’t leave them to fend for themselves, either – show them a bit of cybersecurity love and you are very likely to find that they repay it.

4. Make sure they have somewhere to report security issues

“If you haven’t already, set up an easily remembered email address, such as security911 @ yourcompany DOT example, where users can report security issues quickly and easily.

“Remember that a lot of cyberattacks succeed because the crooks try over and over again until one user makes an innocent mistake – so if the first person to see a new threat has somewhere to report it where they know they won’t be judged or criticised (or, worse still, ignored), they’ll end up helping everyone else.

Teach your users – in fact, this goes for office-based staff as well as teleworkers – only to reach out to you for cybersecurity assistance by using the email address or phone number you gave them. (Consider snail-mailing them a card or a sticker with the details printed on it.)

“If they never make contact using links or phone numbers supplied by email, they they are very much less likely to get scammed or phished.

5. Make sure you know about “shadow IT” solutions

Shadow IT is where non-IT staff find their own ways of solving technical problems, for convenience or speed.

“If you have a bunch of colleagues who are used to working together in the office, but who end up flung apart and unable to meet up, it’s quite likely that they might come up with their own ways of collaborating online – using tools they’ve never tried before.

“Sometimes, you might even be happy for them to do this, if it’s a cheap and happy way of boosting team dynamics.

For example, they might open an account with an online whiteboarding service – perhaps even one you trust perfectly well – on their own credit card and plan to claim it back later.

“The first risk everyone thinks about in cases like this is, “What if they make a security blunder or leak data they shouldn’t?”

“But there’s another problem that lots of companies forget about, namely: what if, instead of being a security disaster, it’s a conspicuous success?

“A temporary solution put in place to deal with a public health issue might turn into a vibrant and important part of the company’s online presence.

“So, make sure you know whose credit card it’s charged to, and make sure you can get access to the account if the person who originally created it forgets the password, or cancels their card.

“So-called “shadow IT” isn’t just a risk if it goes wrong – it can turn into a complicated liability if it goes right!

Most of all, the Paul Ducklin added, “if you and your users suddenly need to get into teleworking, be prepared to meet each other half way.

“For example, if you’re the user, and your IT team suddenly insists that you start using a password manager and 2FA (those second-factor login codes you have to type in every time)…

“…then just say “Sure,” even if you hate 2FA and have avoided it in your personal life because you find it inconvenient.

“And if you’re the sysadmin, don’t ignore your users, even if they ask questions you think they should know the answer to by now, or if they ask for something you’ve already said “No” to…

“…because it might very well be that they’re asking because you didn’t explain clearly the first time, or because the feature they need really is important to doing their job properly.

“We’re living in tricky times, so try not to let matters of public health cause the sort of friction that gets in the way of doing cybersecurity properly!

Here are other Sophos resources related to COVID-19 that you may find useful:

SophosLabs has uncovered a variety of different malicious email campaigns connected to COVID-19, including:

Phishing scams impersonating the WHO, CDC, and other healthcare organizations to deliver malware via malicious documents disguised as official information on how to stay safe during the pandemic

Cybercriminals impersonating charities and relief organizations like the WHO’s COVID-19 Solidarity Response Fund to trick victims into sending them Bitcoin

SophosLabs is updating its Uncut blog with new findings in real time.

GrassRoots.ng is on a critical mission; to objectively and honestly represent the voice of ‘grassrooters’ in International, Federal, State and Local Government fora; heralding the achievements of political and other leaders and investors alike, without discrimination. This daily, digital news publication platform serves as the leading source of up-to-date information on how people and events reflect on the global community. The pragmatic articles reflect on the life of the community people, covering news/current affairs, business, technology, culture and fashion, entertainment, sports, State, National and International issues that directly impact the locals.

News

Girlfriend burns boyfriend alive at a Fuelling station in Texas.

Published

on

Boyfriend, 25, dies after his skin ‘melted off’ when his ‘girlfriend, 24, sprayed him with 50 cents worth of gasoline and turned him into a human fireball’ during row at Texas gas station

A woman has been charged with murder after ‘melting the skin off’ her boyfriend at a Texas gas station and driving away ‘smiling’.Breana Johnson, 24, doused Ricky Doyle, 25, in petrol as he sat in the backseat of a Jeep and set fire to him after a row on July 18, according to the Arlington Police Department.

Doyle died on Tuesday in a Dallas-area hospital after a two weeks struggle for survival following the horrifying attack, prompting the Johnson’s aggravated assault charge to be upgraded to murder.

Doyle’s mother Lisa told NBCDFW how doctors said his foot ‘was the only part of his body I could touch. That’s all that was left.’

Johnson was heard to tell Doyle ‘I’m going to kill you’ at a Shell gas station during the argument, and went inside and paid for $0.50 worth of gas.

Witnesses saw her return and pour the gasoline over Doyle and walk around to the driver’s seat and set it on fire in what had seemed like a premeditated and thought-through attack.Doyle escaped from the car engulfed in flames and was seen screaming through the parking lot unable to stop his body from burning.

A customer rushed to his aide with a fire extinguisher and put the flames out. A witness said Doyle was ‘bleeding and had skin that appeared to have melted off his body,’ said the police charging document.

Johnson told witnesses that she was smoking while pumping gas which was the accidental cause of the fire.

However, witnesses who had seen Johnson allegedly deliberately set Doyle on fire confronted her, with one trying to detain her until the police arrived.But Johnson pushed the person to the ground and drove away while smiling, the police report said.Doyle’s family said he was first taken to Medical City Arlington before being transferred to a hospital in Plano, where he was being treated for burns covering more than 90% of his body.

They said the top of his head, groin and buttocks areas, along with the bottoms of his feet were spared.

Doyle’s little sister, Mikayla, said the argument between Johnson and Doyle initially started outside the family home in Arlington.

‘She [Johnson] just started beating on his chest. She took his phone. She threw his phone.

Then she came back and she picked his phone up, threw it at him, and then started beating his chest,’ Mikayla recalled. We knew she was abusive to him, but we didn’t know it would come to this.

This is really a traumatic experience for the deceased family. We live in a crazy world, so be careful who you date.

Continue Reading

GRTech

Elon Musk builds Hotel in Mars, Sets to launch soon at $5million per night – Photos

Published

on

The richest men on Earth, Elon Musk is actually working towards making mars a planet to live in.
He already built a hotel in the Planet Mars!

Elon Musk

First Hotel in Mars by Elon Musk is set to open soon at $5 Million per night.
Just wow. This shows how far he’s willing to go in making Mars another planet to live in.
Elon Musk who is a co-founder and leads Tesla, SpaceX, Neuralink and The Boring Company, is a very wealthy man.

And as the co-founder and CEO of Tesla, Elon leads all product design, engineering and global manufacturing of the company’s electric vehicles, battery products and solar energy products Which is no surprise as to what he intends creating in Mars.

A little biography of him shows that he was born to a South African father and a Canadian mother. He displayed an early talent for computers and entrepreneurship. At age 12 he created a video game and sold it to a computer magazine. In 1988, after obtaining a Canadian passport, Musk left South Africa because he was unwilling to support apartheid through compulsory military service and because he sought the greater economic opportunities available in the United States. And over the years, his achievements have been quite mind blowing which has made him the most wealthiest and richest man in planet earth at the moment.

Here are the pictures of his hotel in Mars.

Hotel in Mars
Hotel in Mars
Hotel in Mars
The outer view of the hotel in Mars
Elon Musk

But how very convinced is the world about the success of Mr. Elon’s project? Because this is quite a mind blowing achievement.

Continue Reading

News

Apostle Johnson Suleman accused of rituals and sexual affairs with over 10 Nollywood actresses

Published

on

The pastor of Omega fire ministry, Apostle Johnson Suleiman has again been dragged by the popular blogger known as gistlover.
Over the years, rumors about him sleeping around with women and paying them big has been coming to and fro. It got to a point that a lady name Stephanie came out to disclose her alledged affairs with him which was denied.
But just some days ago, a Nollywood actress named Halima Abubakar came out to also to disclose her affair and ordeals with the man of God. She also stated through gist lover whom she conversed with, that she also got severely sick during her time with him.
Gistlover named a lot of other actresses in Nollywood who have been involved with him. Some were said to have fallen terribly ill whilst with him, and some had jujus strong enough to make them not get sick.
Some of the actresses name mentioned came as a huge shock to their fans. Actresses like Mercy Johnson, Ruth Kadiri, Ebube Nwagbo, Ngozi Ezeonu and even Omotola.
This seems like some kind of set up, but Gistlover has insisted that it is true as there are evidences to back this narrative. Well, we will be waiting to see the evidences but here are some photos showing the Actress Halima’s claims and conversations with gistlover. And also photos of the names of the actresses released.

Apostle Johnson Suleman
Actress Halima showing her sudden swollen stomach (illness) after loosing her pregnancy for Apostle Suleman
Halima’s conversation with gistlover
Halima’s conversation with gistlover
Halima’s conversation with gistlover
Halima’s reply when Actress Shan George who was also listed came out to defend the man of God
Cossy too is acknowledging the fact that the affair situation is true as she also gave him some ladies.

With all these allegations leveled on the man of God, he is yet to say anything about it. And we are sincerely hoping it’s not true owing to the numerous evidences being showed and to be shown by gistlover.

Continue Reading

Trending